To me trustworthiness and confidence is everything in open-source, and I can't in good faith say that I trust the author of age. This decision shouldn't be based on feelings alone, but we should review whether sops is a better alternative on a technical level and address Post-Quantum Safety ("PQS"). Until PQS is managed we should treat our secrets as likely to be exposed in the future and adjust our threat model to not include secrets that we are not comfortable being exposed, e.g. SSH keys and onion URLs, with management to rotate them on demand.
Mic92, the creator of sops-nix, appears to be well informed on the subject of PQS and suggests good practice: Mic92/sops-nix#451 (comment)
Submitted an issue about HNDL in sops to get more data for the decision: getsops/sops#1536
A community member made patches to implement PQS in age in their branch FiloSottile/age@main...qnfm:age:main; the implementation is outdated and not finished, but it might be a good idea to utilize.
It has been a while since I used it because my computer had another hard drive bricked by attackers, and I am trying to get everything finished enough to protect my services before I start using remote access again. I bought another TPM so I can do SSS secret storage protected by hardware fuses that destroy themselves if they are physically attacked instead; for people that have 3 or more TPMs that is a better option.

The post-quantum age plugin can be found on the awesome-age repo under plugins; it is called age-plugin-sntrup761x25519 if you don't want to trust my link to it, or you can find it here: https://github.com/keisentraut/age-plugin-sntrup761x25519

This is also unaudited encryption and might have implementation errors that leak key data if an attacker can do side channel analysis while it is unlocked. But even if it does, you still get the protection of x25519, even if the post-quantum key is leaked to a local attacker or has an unknown 0-day exploit in it like have already been found in some other post-quantum encryption schemes that people thought were good at first, and that will still keep you safe from everyone that doesn't have as much money as a large nation state with enough money to build a quantum computer.
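The hybrid argument in the comment above (the x25519 half still protects the message if the post-quantum half is broken or leaks) can be shown concretely. The block below is an added example written for this thread; it is not code from age, from sops, or from the age-plugin-sntrup761x25519 project, and it makes no claim about how that plugin combines its two shared secrets. It implements X25519 as a pure-Python RFC 7748 Montgomery ladder (educational, not constant-time), stands in for the sntrup761 KEM with a deliberately trivial placeholder named `toy_pq_kem_*` (an assumption for the demo; it has no public-key security and exists only to give the combiner a second input), and derives the final key with HKDF-SHA256 over both secrets. The `hybrid_key` combiner, the `info` label and `run_exchange` are likewise this example's own names.

```python
import hashlib
import hmac
import os

# ---- X25519 per RFC 7748 (educational pure-Python ladder, NOT constant-time) ----
P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _decode_scalar(k: bytes) -> int:
    k = bytearray(k)
    k[0] &= 248           # clamping required by RFC 7748 section 5
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def _decode_u(u: bytes) -> int:
    u = bytearray(u)
    u[31] &= 127          # the top bit of the u-coordinate is ignored
    return int.from_bytes(u, "little") % P


def x25519(k: bytes, u: bytes) -> bytes:
    """Return the u-coordinate of k*u (32 bytes, little-endian)."""
    k_int, x1 = _decode_scalar(k), _decode_u(u)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        k_t = (k_int >> t) & 1
        swap ^= k_t
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = k_t
        a = (x2 + z2) % P
        aa = a * a % P
        b = (x2 - z2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P
        d = (x3 - z3) % P
        da = d * a % P
        cb = c * b % P
        x3 = pow(da + cb, 2, P)
        z3 = x1 * pow(da - cb, 2, P) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


# ---- Placeholder for the post-quantum KEM (assumption: NOT a real KEM) ----
# pk == sk and the "ciphertext" is a one-time pad of the shared secret, so this
# half provides no security on its own. It only supplies a second secret so the
# combiner below has something to mix in.
def toy_pq_kem_keygen() -> tuple[bytes, bytes]:
    sk = os.urandom(32)
    return sk, sk


def toy_pq_kem_encaps(pk: bytes) -> tuple[bytes, bytes]:
    ss = os.urandom(32)
    return bytes(a ^ b for a, b in zip(ss, pk)), ss


def toy_pq_kem_decaps(sk: bytes, ct: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(ct, sk))


# ---- Combiner: HKDF-SHA256 over the concatenated shared secrets ----
def hkdf_sha256(ikm: bytes, info: bytes, length: int = 32) -> bytes:
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()   # extract, zero salt
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hybrid_key(ss_x25519: bytes, ss_pq: bytes) -> bytes:
    # Both inputs feed the KDF, so an attacker must know BOTH to reproduce the key.
    return hkdf_sha256(ss_x25519 + ss_pq, b"hybrid-demo x25519+pq-placeholder")


def run_exchange() -> tuple[bytes, bytes, bytes]:
    """Returns (sender_key, recipient_key, attacker_key) for one hybrid exchange."""
    r_x_sk = os.urandom(32)
    r_x_pk = x25519(r_x_sk, BASEPOINT)            # recipient's public keys
    r_pq_sk, r_pq_pk = toy_pq_kem_keygen()

    s_x_sk = os.urandom(32)
    s_x_pk = x25519(s_x_sk, BASEPOINT)            # sender's ephemeral x25519 key
    pq_ct, pq_ss = toy_pq_kem_encaps(r_pq_pk)
    sender_key = hybrid_key(x25519(s_x_sk, r_x_pk), pq_ss)

    recipient_key = hybrid_key(x25519(r_x_sk, s_x_pk), toy_pq_kem_decaps(r_pq_sk, pq_ct))

    # Attacker model from the thread: the PQ half is fully broken (pq_ss known),
    # but no x25519 private key is known, so they must guess one.
    attacker_key = hybrid_key(x25519(os.urandom(32), r_x_pk), pq_ss)
    return sender_key, recipient_key, attacker_key


if __name__ == "__main__":
    s, r, a = run_exchange()
    print("parties agree:", s == r, "| PQ-only attacker matches:", a == s)
```

The property the thread relies on is the last line of `run_exchange`: knowing the post-quantum secret alone does not reproduce the derived key, because the KDF also consumes the x25519 shared secret. The same combiner shape protects in the other direction, which is why the comment can accept an unaudited PQ plugin without giving up the x25519 guarantee.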
Refer to matrix-org/matrix-spec#975 (comment) and FiloSottile/age#578 for rationale.
GnuPG, a supported alternative to age in sops-nix, reviewed the problem of PQS in 2014 (https://lists.gnupg.org/pipermail/gnupg-users/2014-May/049722.html) and treats it as a serious problem.